<?php

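// Access gate for the leveling-order form handler: only a logged-in account
// whose `type` column is 2 may continue past this point.
session_start();
include("load-settings.php");

// header() only queues the redirect. Without exit the rest of the script
// would still execute for a visitor who is not logged in.
if (!isset($_SESSION['user'])) {
	header("Location: login.php");
	exit;
}

// The id is interpolated without quotes, so it has to be an integer:
// mysql_real_escape_string() gives no protection for an unquoted value.
$user = intval($_SESSION['user']);
$result = mysql_query("SELECT * FROM user WHERE id = $user");
if ($result === false) {
	// Keep the driver error in the server log instead of sending it to the client.
	error_log(mysql_error());
	die('Database error');
}
$row = mysql_fetch_array($result);

// A missing row (stale session, deleted account) is treated like a non-admin.
if ($row === false || intval($row['type']) !== 2) {
	header("Location: home.php");
	exit;
}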

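// Order details posted by the form. String fields are escaped for use inside
// quoted SQL literals only; they must never be interpolated without quotes.
$paypal = mysql_real_escape_string(isset($_POST['paypal']) ? $_POST['paypal'] : '');
$summoner = mysql_real_escape_string(isset($_POST['summoner']) ? $_POST['summoner'] : '');

$username = mysql_real_escape_string(isset($_POST['username']) ? $_POST['username'] : '');
// NOTE(review): from here on $password holds the SQL-escaped form of the
// submitted value; later code hashes and e-mails this variable.
$password = mysql_real_escape_string(isset($_POST['password']) ? $_POST['password'] : '');
$region = mysql_real_escape_string(isset($_POST['region']) ? $_POST['region'] : '');

// start_level is used unquoted in the leveling_order INSERT further down,
// where string escaping gives no protection, so it is forced to an integer.
$start_level = intval(isset($_POST['start_level']) ? $_POST['start_level'] : 0);
// The form sends the target level; the order stores the number of levels to gain.
$levels = intval(isset($_POST['levels']) ? $_POST['levels'] : 0) - $start_level;

// The posted payout is read but not used below; the stored payout is computed
// from the price table.
$payout = mysql_real_escape_string(isset($_POST['payout']) ? $_POST['payout'] : '');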

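// Find the customer by PayPal address; create the account on a first order.
// Either way the customer is notified by e-mail, using a different template.
$result = mysql_query("SELECT * FROM user WHERE paypal = '$paypal'");
if ($result === false) {
	// Keep the driver error in the server log instead of sending it to the client.
	error_log(mysql_error());
	die('Database error');
}

if (mysql_num_rows($result) == 0) {
	// NOTE(review): crypt() without a salt argument falls back to a
	// system-dependent and possibly weak scheme. password_hash() is the usual
	// replacement, but the login check and the column width are not visible
	// here; confirm both before switching.
	// NOTE(review): $password is the SQL-escaped value at this point, so the
	// hash covers the escaped form; verify that the login code does the same.
	$hash = crypt($password);

	$created = mysql_query("INSERT INTO user (paypal, summoner, username, password, region, type) VALUES ('$paypal', '$summoner', '$username', '$hash', '$region', 0)");
	if ($created === false) {
		error_log(mysql_error());
		die('Database error');
	}

	$user = mysql_insert_id();
	$template = $signup_message;
} else {
	$row = mysql_fetch_array($result);
	$user = $row['id'];
	$template = $new_order_message;
}

// The notification is built once for both cases and is sent only after the
// account row exists, so no credentials are mailed for a failed signup.
// NOTE(review): the message carries the password in clear text; consider a
// one-time set-password link instead.
$to = $paypal;
$subject = 'ELO Coach Boosting';
$message = str_replace("[password]", $password, $template);
$message = str_replace("\n", "\r\n", $message);

$headers = 'From: Admin@VeteranBoosters.com' . "\r\n" .
	'Reply-To: Admin@VeteranBoosters.com' . "\r\n" .
	'X-Mailer: PHP/' . phpversion();

// The recipient comes straight from the request, so it is checked before it
// reaches mail(). The order itself continues when the address is rejected.
if (filter_var($to, FILTER_VALIDATE_EMAIL) !== false) {
	mail($to, $subject, $message, $headers);
} else {
	error_log('Order notification skipped: PayPal address is not a valid e-mail address');
}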

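// The new order id is one more than the highest id found in any of the five
// order tables. The original read the account_order maximum from a misspelled
// variable, so that table was silently ignored and an id already used there
// could be handed out again.
// NOTE(review): MAX(id) + 1 is not atomic; two concurrent requests can get the
// same id. A shared sequence table or a transaction would close that gap.
$order_tables = array('order_record', 'duo_order', 'leveling_order', 'referral_order', 'account_order');

$new_id = 0;
foreach ($order_tables as $order_table) {
	// Table names come from the fixed list above, never from the request.
	$max_result = mysql_query("SELECT MAX(id) FROM $order_table");
	if ($max_result === false) {
		// Continuing with an unknown maximum could reuse an existing id.
		error_log(mysql_error());
		die('Database error');
	}

	$max_row = mysql_fetch_array($max_result);
	// MAX(id) is NULL for an empty table; intval() turns that into 0.
	$new_id = max($new_id, intval($max_row['MAX(id)']));
}

$new_id++;
$all_orders = $new_id;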

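// Per-level prices for the three bands, read from option_list.
$result = mysql_query("SELECT * FROM option_list WHERE name = 'Cost per level up to 10'");
$row = mysql_fetch_array($result);
$low_price = $row['value'];

$result = mysql_query("SELECT * FROM option_list WHERE name = 'Cost per level 11-20'");
$row = mysql_fetch_array($result);
$medium_price = $row['value'];

$result = mysql_query("SELECT * FROM option_list WHERE name = 'Cost per level 21-30'");
$row = mysql_fetch_array($result);
$high_price = $row['value'];

// Split the ordered levels across the bands, starting from the band that
// contains the starting level and spilling the remainder upwards.
$low_levels = 0;
$medium_levels = 0;
$high_levels = 0;

// Work on an integer copy so the comparisons never depend on string input.
$from_level = intval($start_level);

if ($from_level < 10) {
	$low_levels = $levels;
	$low_room = 10 - $from_level;

	if ($low_levels > $low_room) {
		$medium_levels = $low_levels - $low_room;
		$low_levels = $low_room;

		// The middle band holds at most ten levels.
		if ($medium_levels > 10) {
			$high_levels = $medium_levels - 10;
			$medium_levels = 10;
		}
	}
} else if ($from_level < 20) {
	$medium_levels = $levels;
	$medium_room = 20 - $from_level;

	if ($medium_levels > $medium_room) {
		$high_levels = $medium_levels - $medium_room;
		// The original subtracted a fixed 10 here, which is only right when
		// the order starts exactly at level 10.
		$medium_levels = $medium_room;
	}
} else {
	// The original used the bare word `levels` (a missing `$`), which PHP reads
	// as an undefined constant, so orders starting at level 20+ were mispriced.
	$high_levels = $levels;
}

// NOTE(review): a target level below the starting level makes $levels negative
// and therefore the total negative; reject such orders before they get here.
$total = ($low_levels * $low_price) + ($medium_levels * $medium_price) + ($high_levels * $high_price);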

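// Values interpolated without quotes are forced to integers first; string
// escaping does not protect an unquoted position in the statement.
$order_id = intval($all_orders);
$customer_id = intval($user);
$level_count = intval($levels);
$first_level = intval($start_level);

// NOTE(review): the game-account password is stored as submitted (SQL-escaped
// but otherwise in clear text). If it must be recoverable for the service,
// encrypt it at rest and restrict who can read this column.
$stored = mysql_query("INSERT INTO leveling_order (id, user, summoner, username, password, region, levels, start_level, payout) VALUES ($order_id, $customer_id, '$summoner', '$username', '$password', '$region', $level_count, $first_level, $total)");
if ($stored === false) {
	// Keep the driver error in the server log instead of sending it to the client.
	error_log(mysql_error());
	die('Database error');
}

$order = $order_id;

// The opening chat message is posted in the name of an admin account.
// NOTE(review): this takes whichever type-2 row the database returns first.
$result = mysql_query("SELECT * FROM user WHERE type = 2");
$row = mysql_fetch_array($result);
$admin = intval($row['id']);

// The original escaped $boost_message but inserted $leveling_message, so the
// text that reached the query was never escaped.
$leveling_message = mysql_real_escape_string($leveling_message);
mysql_query("INSERT INTO leveling_chat (user, timestamp, message, leveling_order) VALUES ($admin, ".time().", '$leveling_message', $order)") or error_log(mysql_error());

header("Location: leveling_panel.php");
exit;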

?>